The cyber threat from intentional and unintentional insiders

This assessment has been prepared in cooperation with PET and describes the insider threat. The main emphasis of this assessment is on insider incidents involving data and IT system breaches in public authorities and private companies. The assessment is primarily targeted towards management and decision makers within government and the private sector.

Employees who are unaware, negligent, or have malicious intent can cause damaging breaches of information security within an organisation. An employee could for example open an email attachment that contains malware, or could deliberately steal intellectual property, or disrupt critical IT systems. The deliberate insider is often motivated by a conflict with the organisation, while the unintentional insider is put into the situation due to lack of training, negligence, or missing or hard to understand security guidelines from the organisation.

This assessment includes a number of recommendations for good security practices, ongoing awareness training of employees, and logging and access control on mission critical systems These recommendations can help an organisation counter the insider threat.